Abstract
Constant innovation in attack methods presents a significant problem for the security community, which struggles to remain current in attack prevention, detection and response. The practice of threat hunting provides a proactive approach to identifying and mitigating attacks in real time, before the attackers complete their objective. In this research, I present a matrix of adversary techniques inspired by MITRE’s ATT&CK matrix. This study allows threat hunters to classify the actions of advanced persistent threats (APTs) according to network-based behaviors.
Library of Congress Subject Headings
Computer networks--Security measures; Cyberterrorism--Prevention
Publication Date
11-22-2019
Document Type
Thesis
Student Type
Graduate
Degree Name
Computing Security (MS)
Department, Program, or Center
Department of Computing Security (GCCIS)
Advisor
Justin Pelletier
Advisor/Committee Member
Bill Stackpole
Advisor/Committee Member
Robert Brandon
Recommended Citation
Bornholm, Benjamin, "Network-based APT profiler" (2019). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/10259
Campus
RIT – Main Campus
Plan Codes
COMPSEC-MS